The Tor Browser / annotate

security/nss/lib/ckfw/nssmkey/mrsa.c@b8a032363ba2 (annotated)

security/nss/lib/ckfw/nssmkey/mrsa.c

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0 4
michael@0 5 #include "ckmk.h"
michael@0 6
michael@0 7 /* Sigh, For all the talk about 'ease of use', apple has hidden the interfaces
michael@0 8 * needed to be able to truly use CSSM. These came from their modification
michael@0 9 * to NSS's S/MIME code. The following two functions currently are not
michael@0 10 * part of the SecKey.h interface.
michael@0 11 */
michael@0 12 OSStatus
michael@0 13 SecKeyGetCredentials
michael@0 14 (
michael@0 15 SecKeyRef keyRef,
michael@0 16 CSSM_ACL_AUTHORIZATION_TAG authTag,
michael@0 17 int type,
michael@0 18 const CSSM_ACCESS_CREDENTIALS **creds
michael@0 19 );
michael@0 20
michael@0 21 /* this function could be implemented using 'SecKeychainItemCopyKeychain' and
michael@0 22 * 'SecKeychainGetCSPHandle' */
michael@0 23 OSStatus
michael@0 24 SecKeyGetCSPHandle
michael@0 25 (
michael@0 26 SecKeyRef keyRef,
michael@0 27 CSSM_CSP_HANDLE *cspHandle
michael@0 28 );
michael@0 29
michael@0 30
michael@0 31 typedef struct ckmkInternalCryptoOperationRSAPrivStr
michael@0 32 ckmkInternalCryptoOperationRSAPriv;
michael@0 33 struct ckmkInternalCryptoOperationRSAPrivStr
michael@0 34 {
michael@0 35 NSSCKMDCryptoOperation mdOperation;
michael@0 36 NSSCKMDMechanism *mdMechanism;
michael@0 37 ckmkInternalObject *iKey;
michael@0 38 NSSItem *buffer;
michael@0 39 CSSM_CC_HANDLE cssmContext;
michael@0 40 };
michael@0 41
michael@0 42 typedef enum {
michael@0 43 CKMK_DECRYPT,
michael@0 44 CKMK_SIGN
michael@0 45 } ckmkRSAOpType;
michael@0 46
michael@0 47 /*
michael@0 48 * ckmk_mdCryptoOperationRSAPriv_Create
michael@0 49 */
michael@0 50 static NSSCKMDCryptoOperation *
michael@0 51 ckmk_mdCryptoOperationRSAPriv_Create
michael@0 52 (
michael@0 53 const NSSCKMDCryptoOperation *proto,
michael@0 54 NSSCKMDMechanism *mdMechanism,
michael@0 55 NSSCKMDObject *mdKey,
michael@0 56 ckmkRSAOpType type,
michael@0 57 CK_RV *pError
michael@0 58 )
michael@0 59 {
michael@0 60 ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc;
michael@0 61 const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError);
michael@0 62 const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError);
michael@0 63 ckmkInternalCryptoOperationRSAPriv *iOperation;
michael@0 64 SecKeyRef privateKey;
michael@0 65 OSStatus macErr;
michael@0 66 CSSM_RETURN cssmErr;
michael@0 67 const CSSM_KEY *cssmKey;
michael@0 68 CSSM_CSP_HANDLE cspHandle;
michael@0 69 const CSSM_ACCESS_CREDENTIALS *creds = NULL;
michael@0 70 CSSM_CC_HANDLE cssmContext;
michael@0 71 CSSM_ACL_AUTHORIZATION_TAG authType;
michael@0 72
michael@0 73 /* make sure we have the right objects */
michael@0 74 if (((const NSSItem *)NULL == classItem) ||
michael@0 75 (sizeof(CK_OBJECT_CLASS) != classItem->size) ||
michael@0 76 (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) ||
michael@0 77 ((const NSSItem *)NULL == keyType) ||
michael@0 78 (sizeof(CK_KEY_TYPE) != keyType->size) ||
michael@0 79 (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) {
michael@0 80 *pError = CKR_KEY_TYPE_INCONSISTENT;
michael@0 81 return (NSSCKMDCryptoOperation *)NULL;
michael@0 82 }
michael@0 83
michael@0 84 privateKey = (SecKeyRef) iKey->u.item.itemRef;
michael@0 85 macErr = SecKeyGetCSSMKey(privateKey, &cssmKey);
michael@0 86 if (noErr != macErr) {
michael@0 87 CKMK_MACERR("Getting CSSM Key", macErr);
michael@0 88 *pError = CKR_KEY_HANDLE_INVALID;
michael@0 89 return (NSSCKMDCryptoOperation *)NULL;
michael@0 90 }
michael@0 91 macErr = SecKeyGetCSPHandle(privateKey, &cspHandle);
michael@0 92 if (noErr != macErr) {
michael@0 93 CKMK_MACERR("Getting CSP for Key", macErr);
michael@0 94 *pError = CKR_KEY_HANDLE_INVALID;
michael@0 95 return (NSSCKMDCryptoOperation *)NULL;
michael@0 96 }
michael@0 97 switch (type) {
michael@0 98 case CKMK_DECRYPT:
michael@0 99 authType = CSSM_ACL_AUTHORIZATION_DECRYPT;
michael@0 100 break;
michael@0 101 case CKMK_SIGN:
michael@0 102 authType = CSSM_ACL_AUTHORIZATION_SIGN;
michael@0 103 break;
michael@0 104 default:
michael@0 105 *pError = CKR_GENERAL_ERROR;
michael@0 106 #ifdef DEBUG
michael@0 107 fprintf(stderr,"RSAPriv_Create: bad type = %d\n", type);
michael@0 108 #endif
michael@0 109 return (NSSCKMDCryptoOperation *)NULL;
michael@0 110 }
michael@0 111
michael@0 112 macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds);
michael@0 113 if (noErr != macErr) {
michael@0 114 CKMK_MACERR("Getting Credentials for Key", macErr);
michael@0 115 *pError = CKR_KEY_HANDLE_INVALID;
michael@0 116 return (NSSCKMDCryptoOperation *)NULL;
michael@0 117 }
michael@0 118
michael@0 119 switch (type) {
michael@0 120 case CKMK_DECRYPT:
michael@0 121 cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA,
michael@0 122 creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext);
michael@0 123 break;
michael@0 124 case CKMK_SIGN:
michael@0 125 cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA,
michael@0 126 creds, cssmKey, &cssmContext);
michael@0 127 break;
michael@0 128 default:
michael@0 129 *pError = CKR_GENERAL_ERROR;
michael@0 130 #ifdef DEBUG
michael@0 131 fprintf(stderr,"RSAPriv_Create: bad type = %d\n", type);
michael@0 132 #endif
michael@0 133 return (NSSCKMDCryptoOperation *)NULL;
michael@0 134 }
michael@0 135 if (noErr != cssmErr) {
michael@0 136 CKMK_MACERR("Getting Context for Key", cssmErr);
michael@0 137 *pError = CKR_GENERAL_ERROR;
michael@0 138 return (NSSCKMDCryptoOperation *)NULL;
michael@0 139 }
michael@0 140
michael@0 141 iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv);
michael@0 142 if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) {
michael@0 143 *pError = CKR_HOST_MEMORY;
michael@0 144 return (NSSCKMDCryptoOperation *)NULL;
michael@0 145 }
michael@0 146 iOperation->mdMechanism = mdMechanism;
michael@0 147 iOperation->iKey = iKey;
michael@0 148 iOperation->cssmContext = cssmContext;
michael@0 149
michael@0 150 nsslibc_memcpy(&iOperation->mdOperation,
michael@0 151 proto, sizeof(NSSCKMDCryptoOperation));
michael@0 152 iOperation->mdOperation.etc = iOperation;
michael@0 153
michael@0 154 return &iOperation->mdOperation;
michael@0 155 }
michael@0 156
michael@0 157 static void
michael@0 158 ckmk_mdCryptoOperationRSAPriv_Destroy
michael@0 159 (
michael@0 160 NSSCKMDCryptoOperation *mdOperation,
michael@0 161 NSSCKFWCryptoOperation *fwOperation,
michael@0 162 NSSCKMDInstance *mdInstance,
michael@0 163 NSSCKFWInstance *fwInstance
michael@0 164 )
michael@0 165 {
michael@0 166 ckmkInternalCryptoOperationRSAPriv *iOperation =
michael@0 167 (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
michael@0 168
michael@0 169 if (iOperation->buffer) {
michael@0 170 nssItem_Destroy(iOperation->buffer);
michael@0 171 }
michael@0 172 if (iOperation->cssmContext) {
michael@0 173 CSSM_DeleteContext(iOperation->cssmContext);
michael@0 174 }
michael@0 175 nss_ZFreeIf(iOperation);
michael@0 176 return;
michael@0 177 }
michael@0 178
michael@0 179 static CK_ULONG
michael@0 180 ckmk_mdCryptoOperationRSA_GetFinalLength
michael@0 181 (
michael@0 182 NSSCKMDCryptoOperation *mdOperation,
michael@0 183 NSSCKFWCryptoOperation *fwOperation,
michael@0 184 NSSCKMDSession *mdSession,
michael@0 185 NSSCKFWSession *fwSession,
michael@0 186 NSSCKMDToken *mdToken,
michael@0 187 NSSCKFWToken *fwToken,
michael@0 188 NSSCKMDInstance *mdInstance,
michael@0 189 NSSCKFWInstance *fwInstance,
michael@0 190 CK_RV *pError
michael@0 191 )
michael@0 192 {
michael@0 193 ckmkInternalCryptoOperationRSAPriv *iOperation =
michael@0 194 (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
michael@0 195 const NSSItem *modulus =
michael@0 196 nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError);
michael@0 197
michael@0 198 return modulus->size;
michael@0 199 }
michael@0 200
michael@0 201
michael@0 202 /*
michael@0 203 * ckmk_mdCryptoOperationRSADecrypt_GetOperationLength
michael@0 204 * we won't know the length until we actually decrypt the
michael@0 205 * input block. Since we go to all the work to decrypt the
michael@0 206 * the block, we'll save if for when the block is asked for
michael@0 207 */
michael@0 208 static CK_ULONG
michael@0 209 ckmk_mdCryptoOperationRSADecrypt_GetOperationLength
michael@0 210 (
michael@0 211 NSSCKMDCryptoOperation *mdOperation,
michael@0 212 NSSCKFWCryptoOperation *fwOperation,
michael@0 213 NSSCKMDSession *mdSession,
michael@0 214 NSSCKFWSession *fwSession,
michael@0 215 NSSCKMDToken *mdToken,
michael@0 216 NSSCKFWToken *fwToken,
michael@0 217 NSSCKMDInstance *mdInstance,
michael@0 218 NSSCKFWInstance *fwInstance,
michael@0 219 const NSSItem *input,
michael@0 220 CK_RV *pError
michael@0 221 )
michael@0 222 {
michael@0 223 ckmkInternalCryptoOperationRSAPriv *iOperation =
michael@0 224 (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
michael@0 225 CSSM_DATA cssmInput;
michael@0 226 CSSM_DATA cssmOutput = { 0, NULL };
michael@0 227 PRUint32 bytesDecrypted;
michael@0 228 CSSM_DATA remainder = { 0, NULL };
michael@0 229 NSSItem output;
michael@0 230 CSSM_RETURN cssmErr;
michael@0 231
michael@0 232 if (iOperation->buffer) {
michael@0 233 return iOperation->buffer->size;
michael@0 234 }
michael@0 235
michael@0 236 cssmInput.Data = input->data;
michael@0 237 cssmInput.Length = input->size;
michael@0 238
michael@0 239 cssmErr = CSSM_DecryptData(iOperation->cssmContext,
michael@0 240 &cssmInput, 1, &cssmOutput, 1,
michael@0 241 &bytesDecrypted, &remainder);
michael@0 242 if (CSSM_OK != cssmErr) {
michael@0 243 CKMK_MACERR("Decrypt Failed", cssmErr);
michael@0 244 *pError = CKR_DATA_INVALID;
michael@0 245 return 0;
michael@0 246 }
michael@0 247 /* we didn't suppy any buffers, so it should all be in remainder */
michael@0 248 output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length);
michael@0 249 if (NULL == output.data) {
michael@0 250 free(cssmOutput.Data);
michael@0 251 free(remainder.Data);
michael@0 252 *pError = CKR_HOST_MEMORY;
michael@0 253 return 0;
michael@0 254 }
michael@0 255 output.size = bytesDecrypted + remainder.Length;
michael@0 256
michael@0 257 if (0 != bytesDecrypted) {
michael@0 258 nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted);
michael@0 259 free(cssmOutput.Data);
michael@0 260 }
michael@0 261 if (0 != remainder.Length) {
michael@0 262 nsslibc_memcpy(((char *)output.data)+bytesDecrypted,
michael@0 263 remainder.Data, remainder.Length);
michael@0 264 free(remainder.Data);
michael@0 265 }
michael@0 266
michael@0 267 iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL);
michael@0 268 nss_ZFreeIf(output.data);
michael@0 269 if ((NSSItem *) NULL == iOperation->buffer) {
michael@0 270 *pError = CKR_HOST_MEMORY;
michael@0 271 return 0;
michael@0 272 }
michael@0 273
michael@0 274 return iOperation->buffer->size;
michael@0 275 }
michael@0 276
michael@0 277 /*
michael@0 278 * ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
michael@0 279 *
michael@0 280 * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to
michael@0 281 * have been called previously.
michael@0 282 */
michael@0 283 static CK_RV
michael@0 284 ckmk_mdCryptoOperationRSADecrypt_UpdateFinal
michael@0 285 (
michael@0 286 NSSCKMDCryptoOperation *mdOperation,
michael@0 287 NSSCKFWCryptoOperation *fwOperation,
michael@0 288 NSSCKMDSession *mdSession,
michael@0 289 NSSCKFWSession *fwSession,
michael@0 290 NSSCKMDToken *mdToken,
michael@0 291 NSSCKFWToken *fwToken,
michael@0 292 NSSCKMDInstance *mdInstance,
michael@0 293 NSSCKFWInstance *fwInstance,
michael@0 294 const NSSItem *input,
michael@0 295 NSSItem *output
michael@0 296 )
michael@0 297 {
michael@0 298 ckmkInternalCryptoOperationRSAPriv *iOperation =
michael@0 299 (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
michael@0 300 NSSItem *buffer = iOperation->buffer;
michael@0 301
michael@0 302 if ((NSSItem *)NULL == buffer) {
michael@0 303 return CKR_GENERAL_ERROR;
michael@0 304 }
michael@0 305 nsslibc_memcpy(output->data, buffer->data, buffer->size);
michael@0 306 output->size = buffer->size;
michael@0 307 return CKR_OK;
michael@0 308 }
michael@0 309
michael@0 310 /*
michael@0 311 * ckmk_mdCryptoOperationRSASign_UpdateFinal
michael@0 312 *
michael@0 313 */
michael@0 314 static CK_RV
michael@0 315 ckmk_mdCryptoOperationRSASign_UpdateFinal
michael@0 316 (
michael@0 317 NSSCKMDCryptoOperation *mdOperation,
michael@0 318 NSSCKFWCryptoOperation *fwOperation,
michael@0 319 NSSCKMDSession *mdSession,
michael@0 320 NSSCKFWSession *fwSession,
michael@0 321 NSSCKMDToken *mdToken,
michael@0 322 NSSCKFWToken *fwToken,
michael@0 323 NSSCKMDInstance *mdInstance,
michael@0 324 NSSCKFWInstance *fwInstance,
michael@0 325 const NSSItem *input,
michael@0 326 NSSItem *output
michael@0 327 )
michael@0 328 {
michael@0 329 ckmkInternalCryptoOperationRSAPriv *iOperation =
michael@0 330 (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc;
michael@0 331 CSSM_DATA cssmInput;
michael@0 332 CSSM_DATA cssmOutput = { 0, NULL };
michael@0 333 CSSM_RETURN cssmErr;
michael@0 334
michael@0 335 cssmInput.Data = input->data;
michael@0 336 cssmInput.Length = input->size;
michael@0 337
michael@0 338 cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1,
michael@0 339 CSSM_ALGID_NONE, &cssmOutput);
michael@0 340 if (CSSM_OK != cssmErr) {
michael@0 341 CKMK_MACERR("Signed Failed", cssmErr);
michael@0 342 return CKR_FUNCTION_FAILED;
michael@0 343 }
michael@0 344 if (cssmOutput.Length > output->size) {
michael@0 345 free(cssmOutput.Data);
michael@0 346 return CKR_BUFFER_TOO_SMALL;
michael@0 347 }
michael@0 348 nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length);
michael@0 349 free(cssmOutput.Data);
michael@0 350 output->size = cssmOutput.Length;
michael@0 351
michael@0 352 return CKR_OK;
michael@0 353 }
michael@0 354
michael@0 355
michael@0 356 NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
michael@0 357 ckmk_mdCryptoOperationRSADecrypt_proto = {
michael@0 358 NULL, /* etc */
michael@0 359 ckmk_mdCryptoOperationRSAPriv_Destroy,
michael@0 360 NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */
michael@0 361 ckmk_mdCryptoOperationRSADecrypt_GetOperationLength,
michael@0 362 NULL, /* Final - not needed for one shot operation */
michael@0 363 NULL, /* Update - not needed for one shot operation */
michael@0 364 NULL, /* DigetUpdate - not needed for one shot operation */
michael@0 365 ckmk_mdCryptoOperationRSADecrypt_UpdateFinal,
michael@0 366 NULL, /* UpdateCombo - not needed for one shot operation */
michael@0 367 NULL, /* DigetKey - not needed for one shot operation */
michael@0 368 (void *)NULL /* null terminator */
michael@0 369 };
michael@0 370
michael@0 371 NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation
michael@0 372 ckmk_mdCryptoOperationRSASign_proto = {
michael@0 373 NULL, /* etc */
michael@0 374 ckmk_mdCryptoOperationRSAPriv_Destroy,
michael@0 375 ckmk_mdCryptoOperationRSA_GetFinalLength,
michael@0 376 NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */
michael@0 377 NULL, /* Final - not needed for one shot operation */
michael@0 378 NULL, /* Update - not needed for one shot operation */
michael@0 379 NULL, /* DigetUpdate - not needed for one shot operation */
michael@0 380 ckmk_mdCryptoOperationRSASign_UpdateFinal,
michael@0 381 NULL, /* UpdateCombo - not needed for one shot operation */
michael@0 382 NULL, /* DigetKey - not needed for one shot operation */
michael@0 383 (void *)NULL /* null terminator */
michael@0 384 };
michael@0 385
michael@0 386 /********** NSSCKMDMechansim functions ***********************/
michael@0 387 /*
michael@0 388 * ckmk_mdMechanismRSA_Destroy
michael@0 389 */
michael@0 390 static void
michael@0 391 ckmk_mdMechanismRSA_Destroy
michael@0 392 (
michael@0 393 NSSCKMDMechanism *mdMechanism,
michael@0 394 NSSCKFWMechanism *fwMechanism,
michael@0 395 NSSCKMDInstance *mdInstance,
michael@0 396 NSSCKFWInstance *fwInstance
michael@0 397 )
michael@0 398 {
michael@0 399 nss_ZFreeIf(fwMechanism);
michael@0 400 }
michael@0 401
michael@0 402 /*
michael@0 403 * ckmk_mdMechanismRSA_GetMinKeySize
michael@0 404 */
michael@0 405 static CK_ULONG
michael@0 406 ckmk_mdMechanismRSA_GetMinKeySize
michael@0 407 (
michael@0 408 NSSCKMDMechanism *mdMechanism,
michael@0 409 NSSCKFWMechanism *fwMechanism,
michael@0 410 NSSCKMDToken *mdToken,
michael@0 411 NSSCKFWToken *fwToken,
michael@0 412 NSSCKMDInstance *mdInstance,
michael@0 413 NSSCKFWInstance *fwInstance,
michael@0 414 CK_RV *pError
michael@0 415 )
michael@0 416 {
michael@0 417 return 384;
michael@0 418 }
michael@0 419
michael@0 420 /*
michael@0 421 * ckmk_mdMechanismRSA_GetMaxKeySize
michael@0 422 */
michael@0 423 static CK_ULONG
michael@0 424 ckmk_mdMechanismRSA_GetMaxKeySize
michael@0 425 (
michael@0 426 NSSCKMDMechanism *mdMechanism,
michael@0 427 NSSCKFWMechanism *fwMechanism,
michael@0 428 NSSCKMDToken *mdToken,
michael@0 429 NSSCKFWToken *fwToken,
michael@0 430 NSSCKMDInstance *mdInstance,
michael@0 431 NSSCKFWInstance *fwInstance,
michael@0 432 CK_RV *pError
michael@0 433 )
michael@0 434 {
michael@0 435 return 16384;
michael@0 436 }
michael@0 437
michael@0 438 /*
michael@0 439 * ckmk_mdMechanismRSA_DecryptInit
michael@0 440 */
michael@0 441 static NSSCKMDCryptoOperation *
michael@0 442 ckmk_mdMechanismRSA_DecryptInit
michael@0 443 (
michael@0 444 NSSCKMDMechanism *mdMechanism,
michael@0 445 NSSCKFWMechanism *fwMechanism,
michael@0 446 CK_MECHANISM *pMechanism,
michael@0 447 NSSCKMDSession *mdSession,
michael@0 448 NSSCKFWSession *fwSession,
michael@0 449 NSSCKMDToken *mdToken,
michael@0 450 NSSCKFWToken *fwToken,
michael@0 451 NSSCKMDInstance *mdInstance,
michael@0 452 NSSCKFWInstance *fwInstance,
michael@0 453 NSSCKMDObject *mdKey,
michael@0 454 NSSCKFWObject *fwKey,
michael@0 455 CK_RV *pError
michael@0 456 )
michael@0 457 {
michael@0 458 return ckmk_mdCryptoOperationRSAPriv_Create(
michael@0 459 &ckmk_mdCryptoOperationRSADecrypt_proto,
michael@0 460 mdMechanism, mdKey, CKMK_DECRYPT, pError);
michael@0 461 }
michael@0 462
michael@0 463 /*
michael@0 464 * ckmk_mdMechanismRSA_SignInit
michael@0 465 */
michael@0 466 static NSSCKMDCryptoOperation *
michael@0 467 ckmk_mdMechanismRSA_SignInit
michael@0 468 (
michael@0 469 NSSCKMDMechanism *mdMechanism,
michael@0 470 NSSCKFWMechanism *fwMechanism,
michael@0 471 CK_MECHANISM *pMechanism,
michael@0 472 NSSCKMDSession *mdSession,
michael@0 473 NSSCKFWSession *fwSession,
michael@0 474 NSSCKMDToken *mdToken,
michael@0 475 NSSCKFWToken *fwToken,
michael@0 476 NSSCKMDInstance *mdInstance,
michael@0 477 NSSCKFWInstance *fwInstance,
michael@0 478 NSSCKMDObject *mdKey,
michael@0 479 NSSCKFWObject *fwKey,
michael@0 480 CK_RV *pError
michael@0 481 )
michael@0 482 {
michael@0 483 return ckmk_mdCryptoOperationRSAPriv_Create(
michael@0 484 &ckmk_mdCryptoOperationRSASign_proto,
michael@0 485 mdMechanism, mdKey, CKMK_SIGN, pError);
michael@0 486 }
michael@0 487
michael@0 488
michael@0 489 NSS_IMPLEMENT_DATA const NSSCKMDMechanism
michael@0 490 nss_ckmk_mdMechanismRSA = {
michael@0 491 (void *)NULL, /* etc */
michael@0 492 ckmk_mdMechanismRSA_Destroy,
michael@0 493 ckmk_mdMechanismRSA_GetMinKeySize,
michael@0 494 ckmk_mdMechanismRSA_GetMaxKeySize,
michael@0 495 NULL, /* GetInHardware - default false */
michael@0 496 NULL, /* EncryptInit - default errs */
michael@0 497 ckmk_mdMechanismRSA_DecryptInit,
michael@0 498 NULL, /* DigestInit - default errs*/
michael@0 499 ckmk_mdMechanismRSA_SignInit,
michael@0 500 NULL, /* VerifyInit - default errs */
michael@0 501 ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */
michael@0 502 NULL, /* VerifyRecoverInit - default errs */
michael@0 503 NULL, /* GenerateKey - default errs */
michael@0 504 NULL, /* GenerateKeyPair - default errs */
michael@0 505 NULL, /* GetWrapKeyLength - default errs */
michael@0 506 NULL, /* WrapKey - default errs */
michael@0 507 NULL, /* UnwrapKey - default errs */
michael@0 508 NULL, /* DeriveKey - default errs */
michael@0 509 (void *)NULL /* null terminator */
michael@0 510 };

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial